Came across this article explaining how to install malwarebytes on linux. While it obviously sounds counterintuitive to do such a thing, I have had a good experience with malwarebytes and the obvious advantage of it monitoring port activity and blocking malicious activity would seem very useful. I know with iptables I could manually block ports but that has always been a pain to me. I don't know if this is a good or bad idea. What do you guys think?
Last edited by SteveDeFacto (2014-05-12 01:33:13)
Offline
I don't know what it is, but I am certain that installing any Windows-related security application on Linux would be both perverse and pointless. Use *nix tools for the job, they will be (a) secure, and (b) better software.
Offline
MalwareBytes is one of the finest tools for Windows security. I'd highly recommend it for a Windows machine. The only question that I'd ask myself is: are Windows viruses and malware effective in Wine? If so, it's a great tool.
Offline
Should I install Malwarebytes on my Arch system?
I don't care whether or not you install it.
I wouldn't install it. The only useful functionality you mentioned already exists in numerous other open source native Linux applications.
Offline
SteveDeFacto wrote: Should I install Malwarebytes on my Arch system?
I don't care whether or not you install it.
I wouldn't install it. The only useful functionality you mentioned already exists in numerous other open source native Linux applications.
Like?
Offline
Being this is kinda silly that Malwarebytes would only be usable on Windows and not Linux, for the fact that Linux doesn't have near the problems with malware. Malwarebytes has malware definitions, but for the most part it is ported to be protective in the manner that Linux already has available to it. The default iptables are usually sufficient unless you are directly facing your machine to the internet. Usually your internet router has a firewall built in so only if you are doing anything in-house that you need to even bother with complex iptables. Generic malware on Windows will probably take out 90% of Windows machinery. Unless malware is specifically targeted for a specific unpatched exploit in Linux, the risk is quite low. Most of this is probably repeat of what everyone else has already said.
If you download the free version, it appears to expire after 14 days, in which you'll have to lock down the machine yourself. Running it under Wine would be a flimsy approach, as Wine doesn't implement every possible call that might be needed.
Last edited by nomorewindows (2014-05-12 02:19:07)
I may have to CONSOLE you about your usage of ridiculously easy graphical interfaces...
Look ma, no mouse.
Offline
ClamAV is in the repos, and is perfectly suited to scan files on a Linux system, although admittedly, the definitions of all virus scanners specifically target Windows viruses.
UFW makes firewall setup simple.
AppArmor and SELinux are tools to fine-tune what programs can do. You can also use cgroups, file permissions, users and groups, etc. to do the same to differing extents.
I would be leery of the level of protection offered by malwarebytes on a Linux system, as their primary development is on Windows, and the systems are entirely different.
Offline
Came across this article explaining how to install malwarebytes on linux Ubuntu.
At the risk of violating one of our forum rules (and with no offense meant to the OP), I'll say that the linked-to guide has some fifteen-foot-wide red flags slapping readers in the face:
1) It's specifically addressed to Ubuntu users.
2) It details how to install software that was only ever intended to run on Windows (meaning there can be no real expectation that it will work properly, even if it runs).
3) It presumes the reader has no idea how to install software under Ubuntu, or how to even open a terminal window. In other words, it presumes the person installing Malwarebytes is not the sort of person who should be installing anything, and the sort of Linux user who can't be bothered to break old, bad habits.
What we have is an article aimed at people who are unfamiliar with basic functions of their operating system, are willing to entrust their security to a program that cannot ensure any security at all, and who don't realize that since the majority of the world's servers run some Unix-like operating system or another, it stands to reason that *nix-native network security tools exist.
I have had a good experience with malwarebytes and the obvious advantage of it monitoring port activity and blocking malicious activity would seem very useful. I know with iptables I could manually block ports but that has always been a pain to me.
fail2ban might be a start.
Offline
MalwareBytes Premium blocks UDP/TCP connections to some "malicious" IPs, including peers in torrent programs. It is useful for blocking connections to dangerous pages on the internet and for blocking suspicious internet traffic from background processes. Probably the most useful part is the list of malicious IPs, but a malicious packager or developer could include a trojan horse in a random package which you install, and the IP will probably not be in the list of malicious IPs. You would do better to watch the active connections with netstat and kill those you don't trust, and also to monitor for processes you don't trust and search Google for information about them.
example:
ps -A
...
2184 ? 00:00:09 tracker-store
...
https://www.linuxquestions.org/question … me-860799/
The tutorial is for Ubuntu because it is a spyware OS.
Offline
The tutorial is for Ubuntu because it is a spyware OS.
Don't do this. https://wiki.archlinux.org/index.php/Fo … ng_Systems
Offline
I have had a good experience with malwarebytes and the obvious advantage of it monitoring port activity and blocking malicious activity would seem very useful. I know with iptables I could manually block ports but that has always been a pain to me.
fail2ban might be a start.
iptables/UFW has the same sort of functionality built into it
ufw limit 80/tcp
## or
iptables -A INPUT -p tcp --syn -m limit --limit 1/s --limit-burst 3 -j RETURN
and of course, fail2ban or denyhosts, etc. provide extra functionality on top of it
Last edited by HiImTye (2014-05-13 20:46:33)
Offline
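An added example, not part of the original post, that models the two commands above to show how they differ: the iptables `limit` match is one token bucket shared by all sources, while `ufw limit` counts per source address and denies a source that has attempted 6 or more connections in the last 30 seconds. It models only which connection attempts pass the limit, not the rest of the chain; the traffic and addresses are constructed and the function names are hypothetical.

```python
from collections import defaultdict, deque

NOISY, CLIENT = "198.51.100.7", "192.0.2.20"  # constructed documentation addresses
# Constructed traffic: NOISY sends a SYN every 0.25 s for 4 s, CLIENT connects once.
SAMPLE = sorted([(k * 0.25, NOISY) for k in range(16)] + [(2.125, CLIENT)])


def iptables_limit(arrivals, rate_per_s=1.0, burst=3):
    """Model of `-m limit --limit 1/s --limit-burst 3`: one bucket for everyone.
    Returns one bool per arrival: True if the packet matched the limit rule."""
    tokens, last, matched = float(burst), None, []
    for t, _src in arrivals:
        if last is not None:  # refill since the previous packet, capped at burst
            tokens = min(float(burst), tokens + (t - last) * rate_per_s)
        last = t
        if tokens >= 1:
            tokens -= 1
            matched.append(True)
        else:
            matched.append(False)
    return matched


def ufw_limit(arrivals, window_s=30, hitcount=6):
    """Model of `ufw limit`: per-source count over a sliding 30 s window.
    Returns one bool per arrival: True if the attempt was allowed."""
    seen, allowed = defaultdict(deque), []
    for t, src in arrivals:
        q = seen[src]
        while q and t - q[0] > window_s:  # forget attempts older than the window
            q.popleft()
        q.append(t)                       # denied attempts still count as hits
        allowed.append(len(q) < hitcount)
    return allowed


def passed_per_source(arrivals, decisions):
    """Count, per source address, how many attempts passed the limit."""
    counts = defaultdict(int)
    for (_t, src), ok in zip(arrivals, decisions):
        counts[src] += int(ok)
    return dict(counts)
```

With this sample the shared bucket is drained by the noisy source, so the single legitimate attempt does not match the iptables rule, while the per-source window lets it through and cuts the noisy source off after five attempts.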
I think Wine itself will make your system more vulnerable than MB will protect it. I think it's a great tool for Windows systems, but even then only for the scans and not for active monitoring and protection. It's quite heavy (on the processor), and I expect the numbers to be even higher when it's run in a Wine shell.
Last edited by Steef435 (2014-05-13 20:53:13)
Offline